1st Edition

Electronic Record Keeping Achieving and Maintaining Compliance with 21 CFR Part 11 and 45 CFR Parts 160, 162, and 164

By David Nettleton, Janet Gough Copyright 2004
    384 Pages 2 B/W Illustrations
    by CRC Press

    The current revolution in software, and the regulations that have evolved to address it, have increasingly caused companies to turn to off-the-shelf software for electronic record keeping. Data captured in computerized systems must be as reliable, if not more so, than data on paper. Electronic Record Keeping: Achieving Compliance with 21 CFR Part 11 and 45 CFR Parts 160, 162, and 164 explores how to evaluate, select, implement, and document an e-system that will keep your organization in compliance.

    Covering Title 21 of the Code of Federal Regulations (CFR) Part 11 and the parallel, recently passed Title 45 CFR Parts 160, 162, and 164 of the Health Insurance Portability and Accountability Act (HIPAA), this book provides guidance for selecting, purchasing, installing, validating, and managing commercial off-the-shelf software for data collection and retention. It takes a number of years for industry standards for a new regulation to develop from dialog between companies and the regulating agency. These standards are in place for Part 11, which was passed into law in 1997. Healthcare providers who must implement electronic record keeping can learn how to best do it by understanding the parallel between the new HIPAA regulations and the industry standards for Part 11. Further, certain FDA-driven activities, such as patient record keeping in clinical trials, now must comply with the new HIPAA regs as well. To help companies achieve and maintain compliance, the authors cover audit trails, validation, documentation, training, and security and accountability. They discuss what the regulations say and what they mean.

    Compliance may be mandatory, but it also makes good business sense. Companies that are compliant will always be poised to move forward, and they will avoid the grief that comes from poor or faulty record keeping and documentation. This book gives you the tools you need to keep your company both compliant and competitive.

    ELECTRONIC RECORD KEEPING: THE BIG PICTURE
    Regulatory Evolution
    The Electronic Revolution
    Compliance Requirements
    General Basis for Electronic Records
    Security, Data Transfer, Operation Checks, Archiving, and Audit Trails

    THE REGULATIONS: NOT JUST WHAT THEY SAY, BUT WHAT THEY MEAN
    21 CFR Part 11 Electronic Records; Electronic Signatures and 45 CFR Parts 160, 162, and 164 Health Insurance Reform: Security Standards
    GOING ELECTRONIC: WHAT YOU NEED TO KNOW AND DO
    Software Development and Use: From Then Till Now
    The COTS Software Development Life Cycle
    Purchasing COTS Software
    Developer and User Validation
    Operating Environments
    IQ/OQ/PQ and CSV
    Retrospective Validation

    DOCUMENTATION AND TRAINING
    The Validation Packet
    Validation Documents
    System Support Documents
    Additional Records
    Training

    SECURITY, ACCOUNTABILITY, AND CHANGE MANAGEMENT
    Managing the System
    Security and the People Factor
    Ongoing Communication
    Managing Passwords: A Keychain
    Biometric Keychains
    Change Management

    AUDITING ELECTRONIC RECORD KEEPING SYSTEMS
    Establishing an Audit Function
    Establishing the Scope of the Audit and preparing to Audit
    Reviewing Binding Regulations and Documentation
    Planning the Audit
    Conducting the Actual Audit
    Evaluating and Reporting Results
    Keeping the Audit Function Vital
    Auditing and the Regulatory Inspection

    MOVING FORWARD
    Computer System Validation Committee
    Changing Company Cultures
    Gap Analysis
    Computer System Inventory
    Remaining Vigilant

    FREQUENTLY ASKED QUESTIONS
    Binding Regulations
    Software Vendors
    Computer System Validation
    Electronic Records
    Electronic Signatures and Accountability
    Security
    Systems
    Audit Trails
    Staying Informed

    Biography

    David Nettleton